Andreas Steffen
b2ac140338
fixed the ids parsing bug
2006-09-19 06:17:06 +00:00
Andreas Steffen
43ead00a2f
fixed the ids parsing bug
2006-09-19 06:16:48 +00:00
Martin Willi
f534e18a98
updated TODOs
2006-09-18 11:41:04 +00:00
Martin Willi
e63c4d8b8b
fixed memleak
...
fixed proper handling of id parsing errors
proper return value when no PSK found
2006-09-18 11:39:53 +00:00
Martin Willi
6e9bbf18b8
added HOST_ACCESS for firewall script as default
2006-09-18 11:38:37 +00:00
Martin Willi
5fded5139e
more debugging output for PSK authentication
2006-09-18 11:38:11 +00:00
Martin Willi
a2cf2812c4
some cleanups here and there
2006-09-18 11:37:40 +00:00
Andreas Steffen
4f383c6950
added auth_method field
2006-09-18 07:46:16 +00:00
Andreas Steffen
5b321e1132
added auth_method field
2006-09-18 07:45:16 +00:00
Andreas Steffen
8b448b5c22
cosmetics
2006-09-18 07:44:41 +00:00
Andreas Steffen
b267ed00d1
verify_emsa_pkcs1_signature returns status_t
2006-09-18 07:44:16 +00:00
Andreas Steffen
2e7b7faf0c
cosmetics
2006-09-18 07:43:44 +00:00
Andreas Steffen
e2de376c74
added PSK support
2006-09-18 07:42:57 +00:00
Andreas Steffen
957115957a
enabled firewall support
2006-09-18 07:41:54 +00:00
Andreas Steffen
f9aa9e2977
added
2006-09-18 07:41:22 +00:00
Andreas Steffen
a4dcb7ded6
added
2006-09-18 07:41:09 +00:00
Andreas Steffen
8e746cdf88
added
2006-09-18 07:40:37 +00:00
Martin Willi
a7371600b0
proper error handling for socket creation
2006-09-18 06:44:38 +00:00
Martin Willi
b9024ee058
handle certificate parsing error more generous
2006-09-14 13:14:58 +00:00
Martin Willi
8a95c322c5
fixed certificate verification bug!
2006-09-14 12:22:08 +00:00
Martin Willi
567e2a7822
fixed memleak when receiving invalid certificate
2006-09-14 12:15:41 +00:00
Andreas Steffen
6725ef5f23
version bump to 4.0.4
2006-09-14 06:47:21 +00:00
Andreas Steffen
7a7390e995
version bump to 4.0.4
2006-09-14 06:45:16 +00:00
Andreas Steffen
dc8ad57aa9
two new test scenarios
2006-09-14 06:39:14 +00:00
Andreas Steffen
1f948f684a
fixed path to images directory
2006-09-14 06:38:50 +00:00
Martin Willi
d7934d0cfc
implemented updown script to handle firewalling
2006-09-12 13:50:14 +00:00
Martin Willi
a095243f60
add priority management for kernel policy
...
let ROUTED policies installed, until manuall removed
introduced new naming scheme to allow proper shutdown of IKE/CHILD_SAs
ike_sa_manager cleanups
2006-09-08 13:10:52 +00:00
Martin Willi
1239c6f40b
implemented handling of dpdaction and dpddelay ipsec.conf parameters
2006-09-08 06:12:02 +00:00
Martin Willi
a655f5c09c
reuse reqid when a ROUTED child_sa gets INSTALLED
...
fixed a bug in retransmission code
added support for the "keyingtries" ipsec.conf parameter
added support for the "dpddelay" ipsec.conf parameter
done some work for "dpdaction" behavior
some other cleanups and fixes
2006-09-05 14:07:25 +00:00
Martin Willi
da8ab11e91
fixed a at-least-one-year-old bug which caused crashed in the scheduler
2006-08-31 06:48:10 +00:00
Martin Willi
c705698293
added raw socket filter for IPv6
2006-08-31 06:18:15 +00:00
Martin Willi
053842f4e7
implemented NAT detection for IPv6
2006-08-31 06:17:41 +00:00
Martin Willi
1f7fd2ced8
removed unneeded constructor
2006-08-31 06:16:52 +00:00
Martin Willi
48d9883a3e
initial support for IPv6 (more testing needed)
...
socket works (without v6 filter)
traffic selector handle IPv4/v4 cleanly
improvements in traffic selector code
kernel interface accepts v6 traffic selectors and hosts
host_t class has full IPv6 support
2006-08-30 17:12:56 +00:00
Martin Willi
51d4876814
added stddef.h include for compilers which do not support the offsetof() directive
2006-08-28 09:02:51 +00:00
Martin Willi
4c23a8c9ec
moved interface enumeration code to socket, where it belongs
...
query interfaces every time we need it to respect changes in network config
added address listing on startup and "ipsec statusall"
2006-08-28 08:45:22 +00:00
Andreas Steffen
834b2ce2e2
version bump of UML kernel to 2.6.17.11
2006-08-25 09:25:12 +00:00
Martin Willi
fa8d578d94
fixed crash bug when doing "ipsec down" with an unknown connection
2006-08-25 09:19:42 +00:00
Martin Willi
9be547c0ed
added name property in CHILD_SA, allows proper status output
2006-08-25 09:07:37 +00:00
Martin Willi
7106403bd8
2006-08-25 07:42:48 +00:00
Martin Willi
c3e7aeb102
fixed bug which prevented port float when nat is detected
2006-08-25 07:37:22 +00:00
Andreas Steffen
8ae6a48f94
version bumps
2006-08-25 07:30:29 +00:00
Andreas Steffen
b425d99867
'sha' and 'sha1' are now treated as synonyms
2006-08-23 12:07:15 +00:00
Andreas Steffen
3dc16958dd
'sha' and 'sha1' are now treated as synonyms
2006-08-23 12:07:07 +00:00
Martin Willi
a1310b6b92
updated Changelog and other docs
2006-08-23 11:48:33 +00:00
Martin Willi
d03ab568a6
fixed rekeying behavior when proposing an inacceptable DH group (INVALID_KE_PAYLOAD)
2006-08-23 09:25:41 +00:00
Martin Willi
3183006de2
implement proper handling of most simultaneous IKE_SA rekeying cases
2006-08-23 07:30:43 +00:00
Andreas Steffen
c3f97102f1
version bump to 4.0.3
2006-08-02 12:33:26 +00:00
Martin Willi
f698448ea3
implemented proper refcounting using atomic operations
2006-07-28 09:45:18 +00:00
Martin Willi
fe04e93a8b
implemented IKE_SA rekeying
...
uses ikelifetime, rekeymargin and rekeyfuzz config settings
no handling of simultaneus exchanges yet!
2006-07-27 12:18:40 +00:00